Navigating Compliance Landmines in Electronic Health Record (EHR) Documentation Brian T. Bates, CPA, CHC, MAc Corporate Compliance Officer University of Alabama Health Services Foundation, P.C. AHLA/HCCA Fraud & Compliance FORUM Monday, September 30, 2013 Our New World Expectations of Providers ARRA Meaningful Use Quality Reporting (PQRS) ICD-10 (CAC/CDI) CMS Audit Programs (RAC; CERT) HIPAA Privacy and Security Expectation of Providers My EHR will help us comply! 1
Our New World Expectation of Providers The EHR Team IT Compliance HIM Legal/Risk Management Quality/Patient Safety HR This is NOT an IT project! Pre Go-Live Considerations The team must be at the table to provide input in the system design and build process Scope of Practice/Licensure Role-Based Access and Use Internal parties (ex., Medical Students, staff, MDs) External parties (ex. Billing companies, auditors, etc.) Documentation Template Development 2
Pre Go-Live Considerations (continued) Use of Efficiency Tools Copy and Paste Normal/Negative Templates EHR Policies and Procedures Provider Education and Training At this point You don t know what you don t know Post Go-Live Considerations Scope of Practice Role-Based Access and Use (ex., Academic Secretaries; Clinical Support) Flow of documentation through the system Resident to Attending CRNP to Attending Authorship Who did what? Attestations and Signatures Timeliness of Documentation Orders Written; Protocol; Proposed; Verbal, Medical Necessity 3
Post Go-Live Considerations (continued) Use of Efficiency Tools Copy and Paste (Cloned Documentation) Normal/Negative Templates Documentation errors and discrepancies Compliance Auditing Focus Quality/Patient Safety Meaningful Use Unsigned Notes; Unsigned Orders; Test Authentication Cloned documentation Volume of Documentation versus Complexity of Patient The work for the Team is just beginning when an EHR system goes live! Our New World Expectation of Providers Government s View On Use of EHRs The EHR Team Are Providers Gaming the System? Sebelius/Holder Letter OIG Work Plan 2013 OIG EMR Technology Questionnaire CMS and RAC focus 4
Adages for Medical Record Documentation Out with the old - If it s not documented, it didn t happen In with the new If it s documented, was it done? 10 5
11 OIG Work Plan 2013 Annually OIG publishes its "targets" for the upcoming year. Cutting and Pasting Documentation in the EMR REMEMBER: More volume is not always better in the medical record, especially in the EHR with potential for cutting/pasting and copy forward. Ensure the billed code is reflective of the service provided on the DOS. 12 6
OIG Workplan 2013 CMS will review the extent of potentially inappropriate payments for E&M services Medicare Manual instructs providers to select the code for the service based upon the content of the service and says that documentation should support the level of service reported. Medicare (CMS) noted: Identical documentation across services. CMS will review multiple E&M services for the same providers and beneficiaries to identify electronic health records (EHR) documentation practices associated with potentially improper payments due to cloned, cut-paste or copy forward notes. Cloned documentation (i.e. a medical record entry worded exactly like or unreasonably similar to previous entries within an individual s medical record or between different individual s medical records) does not meet the medical necessity requirements for coverage of services due to the lack of patient and/or visit specific information 13 7
OIG EMR Technology Survey OIG letter to hospitals October 2012 18 page, 54 question survey Survey probing a hospital s EMR data entry habits, security practices, and more How diagnosis codes are coded-manually, automatically, etc. User authorization-passwords, tokens, etc. Access management-timeout, password rules, etc. Audit logs Do you use Computer-Assisted Coding How physician notes are entered-free text, template EMR copy and paste policies 8
Department of Justice(DOJ)/Health and Human Services (HHS) Fraud and Abuse Initiatives: Expanded Office of Inspector General focus on EHRs Expanded CMS Integrity Program Hiring Special Program Integrity Contractors Efforts by DOJ Return on Investment - $1 : $8 Investigating healthcare fraud and abuse is worth their efforts. February 2013 DOJ and HHS - announced recoupment of over $4.2 Billion in healthcare fraud in FY 2012 All healthcare sectors subject to the government s ongoing scrutiny this is not a fad. CERT Reviews (Comprehensive Error Rate Testing) RAC Reviews (Recovery Audit Contractor) Focused Reviews MIC (Medicaid Integrity Contractor) Fiscal Cliff Bill Increase look-back period from 3 years to 5 years 17 Expectation of Providers The EHR Team Government s View On Use of EMRs Cloning Copy and Paste Pre-Populated Normal or Negative templates Authorship Timeliness of Medical Record Completion Top Compliance Risk Areas for EMRs Note Bloat Coding Software Quality/Patient Safety 9
National Government Services Cloned Documentation Cloned documentation will be considered misrepresentation of the medical necessity requirement for coverage of services due to the lack of specific individual information for each unique patient, Other MACs with posted comments about cloning Palmetto GBA CahabaGBA TrailBlazer Health Enterprises First Coast Service Options 19 In The News O Reilly, Kevin B. EHRs: Sloppy and Paste endures despite patient safety risk. amdnews.com (February 4, 2013) Medicare Contractor Downcodes Claims Because of Copy and Paste in EHRs Report on Medicare Compliance Vol. 22, Number 11 (March 25, 2013) 20 10
United States of America vs. William King In The News Dr. King (GYN physician) developed an office visit template that included all required elements for a comprehensive level 5 visit after attending a coding inservice. Dr. King completed the form on all patients and billed level 5 visits. Problem: Dr. King checked off elements of the exam that he did not perform. Patients testified that they did not receive the exams noted. Result: Dr. King incarcerated 36 months $800,851 in False Claims. 21 11
Medically Reasonable and Necessary: Documenting Medical Necessity The patient s condition (severity, acuity, number of medical problems, etc.) is the key factor in determining medical necessity for Medicare payment for services. Providers who report E/M services for Medicare payment must ensure their records describe the patient s condition and reason for the visit in enough detail for a reasonable observer to understand the patient s need. Providers must also ensure the nature of the patient s presenting problem and/or status is consistent with the level of service reported. Unfortunately, practitioners often include unnecessary material while failing to record clinically pertinent information needed to determine medical necessity of the service. The service should be coded based on the clinical needs of the patient In keeping with federal law, Medicare must deny or downcode E/M services that, in its judgment, exceed the patient s documented needs. http://www.trailblazerhealth.com/publications/job%20aid/documentingcompone ntseov.pdf CMS Use of Templates Medicare Program Integrity Manual (100-08): 3.3.2.1.1 Progress Notes and Templates (Rev.438, Implementation: 12-10-12) A. Definitions: "Progress Notes" -- visit notes, encounter notes, Evaluation and Management documentation, office notes, face-to-face evaluation notes or any other type of record of the services provided by a physician or other licensed/certified medical professional (LCMP) in the medical record. Progress notes may be in any form or format, hardcopy or electronic. "Template" -- a tool/instrument/interface that assists in documenting a progress note. Templates may be paper or electronic. CMS does not prohibit the use of templates to facilitate record-keeping & does not endorse or approve any particular templates. A physician/lcmp may choose any template to assist in documenting medical information. 12
13
ALL VITAL SIGNS MULTI PAGE NOTES CMS Transmittals Focused on EHR Documentation 442 (Effective Date: January 8, 2013) SUBJECT: Update for Amendments, Corrections and Delayed Entries in Medical Documentation Electronic Health Records (EHR): Medical record keeping within an EHR deserves special considerations; however, the principles wed above remain fundamental and necessary for document submission to MACs, CERT, Recovery Auditors, and ZPICs. Records sourced from electronic systems containing amendments, corrections or delayed entries must: a. Distinctly identify any amendment, correction or delayed entry, and b. Provide a reliable means to clearly identify the original content, the modified content, and the date and authorship of each modification of the record. If the MACs, CERT or Recovery Auditors identify medical documentation with potentially fraudulent entries, the reviewers shall refer the cases to the ZPIC and may consider referring to the RO and State Agency. 14
AAMC Compliance Officers Forum Compliance Advisory 1: Medical Student Documentation Compliance Advisory 2: Appropriate Documentation in an EHR: Use of Information That Is Not Generated During the Encounter for Which the Claim is Submitted: Copying/Importing/Scripts/Templates https://www.aamc.org/download/253812/data/appropriatedocumentationinanehr. pdf Compliance Advisory 3: A Challenge for the Electronic Health Records of Academic Institutions: Physicians combining documentation or using information documented by others when billing for a professional service https://www.aamc.org/download/253812/data/appropriatedocumentationinanehr. pdf 2012 Association of American Medical Colleges. May be reproduced and distributed with attribution. This document does not contain legal advice. It was developed by the AAMC Compliance Officers Forum EHR Workgroup. Documentation in the EHR CMS IS WATCHING EHR DOCUMENTATION Once you sign your note, YOU ARE RESPONSIBLE FOR ITS CONTENT 15
Documentation in the EHR Every exam component... Every time you copy forward Family/Social History... Every HPI and ROS item you document means YOU PERFORMED THEM ON THAT VISIT... If you document something you did not do... YOU ARE PUTTING YOURSELF AND THE INSTITUTION AT GREAT RISK! Top Compliance Rules for an EHR Use Copy Forward with caution.... Each visit is unique Cloned documentation is very obvious to auditors If you bring a note forward it MUST reflect the activity for the CURRENT VISIT with appropriate editing Strongly advise NOT copying forward HPI, Exam, and complete Assessment/Plan Page 32 16
Top Compliance Rules for an EHR Be careful with pre populated No or Negative templates Cautious with ROS and Exam Macros, Check boxes, or Free Text are safer and more individualized Page 33 Top Compliance Rules for an EHR Never copy ANYTHING from one patient s record into another patient s note Self explanatory Page 34 17
Top Compliance Rules for an EHR Authenticate all documentation and orders in a timely fashion Examples 48 hours for verbal orders 30 days for signed documentation Page 35 Top Compliance Rules for an EHR Never copy documentation from another provider without clearly identifying the original author Can be considered a false claim Not always easy to do better to avoid Page 36 18
Top Compliance Rules for an EHR Only Past/Family/Social History and Review of Systems may be used from a medical student or nurse s note Student or nurse may start the note Provider (resident or attending) must document HPI, Exam, and Assessment/Plan Page 37 Our New World Expectation of Providers ARRA 2009: Provider Incentives for Meaningful Use of EHR Government s View CMS Physician On Use of Quality EMRs Reporting System (PQRS) Penalties begin 2015 The EHR Team Top Compliance Risk Areas for EHRs Mandatory Electronic Health Records and Personal Health Records 19
Our New World Mandated for October 1, 2014 Expectation of 68,000 Providers new codes (currently 13,500 in ICD-9) Alpha-numeric with up to 7 characters per code Essentially forces change to an electronic billing system The EHR (no Team more paper charge tickets) Government s View On Use of EMRs New ICD-10 Coding System October 2014 Top Compliance Risk Areas for EHRs Mandatory Electronic Health Records and Personal Health Records Our New World Expectation of Providers Government s View On Use of EMRs New ICD-10 Coding System October 2014 The EHR Team Taking Care of Patients Top Compliance Risk Areas for EMRs Mandatory Electronic Health Records and Personal Health Records 20
Our New World Expectation of Providers The EHR Team Government s View On Use of EHRs It takes a village IT Compliance/Legal Clinical Informatics Providers Quality/Patient Safety New ICD-10 Coding System October 2014 How To Audit Your EHR Top Compliance Risk Areas for EHRs Mandatory Electronic Health Records and Personal Health Records Auditing Your EHR Work with IT to create Compliance reports within your EHR Identify your report generating capabilities Example: CERNER Message Center and PowerInsight Unsigned Notes Unsigned Orders Unauthenticated Test Results HIPAA access ARRA Meaningful Use Metrics 21
Auditing Your EHR Focus on use of efficiency tools Template Use Cloned Documentation Contradictory information in the clinic notes Added Finding Codes to our Audit Score Card Real-Life examples used in meetings with Providers Authorship Nurse Medical Student Advanced Practitioner (CRNP/PA) Clerical Staff Resident Attending Physician Scribes Medical Records 101: If you make an entry in the medical record you should sign and date the entry Critical to work with your EHR vendor to develop track changes tools Mandatory Policies For Your EHR Use of Copy Functionality Copy and Paste Pre-populated Templates Orders Who can do what in the system? Scribes Timeliness of Documentation 22
EMR Optimization For The New World Auditing By Department By Division By Provider Special Audits By Risk Area Education One-on-One Faculty Meetings Grand Rounds New Provider Communication Email Blasts Customized Reporting CERNER Relationships Academic Colleagues Payer Contacts 23